You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
I've recently installed a k3s cluster with the server set to a machine in my house, and an agent on a VPS. Before installing k3s on both, I installed Tailscale with my own control server running Headscale.
So when it came to install k3s, I used --flannel-iface=tailscale0 and all is well, for HTTP (non-TLS) requests.
Problem is I want some services to be reachable on my tailnet only, but some to be public as well. Right now, I have nginx listening on both en0 and tailscale0 on the VPS and forwarding those requests to the IP traefik is running on inside the cluster, but I have to manage certificates with certbot on the VPS, as I couldn't get cert-manager to answer to challenges in the cluster.
Is there a way I could skip nginx on the VPS and just have k3s listening on both tailscale0 and en0? Do I need two deployments of Traefik for this to work?
reacted with thumbs up emoji reacted with thumbs down emoji reacted with laugh emoji reacted with hooray emoji reacted with confused emoji reacted with heart emoji reacted with rocket emoji reacted with eyes emoji
-
Hello.
I've recently installed a k3s cluster with the server set to a machine in my house, and an agent on a VPS. Before installing k3s on both, I installed Tailscale with my own control server running Headscale.
So when it came to install k3s, I used
--flannel-iface=tailscale0and all is well, for HTTP (non-TLS) requests.Problem is I want some services to be reachable on my tailnet only, but some to be public as well. Right now, I have nginx listening on both
en0andtailscale0on the VPS and forwarding those requests to the IP traefik is running on inside the cluster, but I have to manage certificates with certbot on the VPS, as I couldn't getcert-managerto answer to challenges in the cluster.Is there a way I could skip nginx on the VPS and just have k3s listening on both
tailscale0anden0? Do I need two deployments of Traefik for this to work?Thanks for any pointers in advance.
Beta Was this translation helpful? Give feedback.
All reactions